HomePentest-Tools.com Logo

SPIP <3.1.2 - Cross-Site Scripting CVE-2016-7981

Severity
CVSSv3 Score
6.1
Vulnerability description

SPIP 3.1.2 and earlier contains a cross-site scripting vulnerability in valider_xml.php which allows remote attackers to inject arbitrary web script or HTML via the var_url parameter in a valider_xml action.

Risk description

No risk description to display.

Recommendation

Upgrade SPIP to version 3.1.2 or later to mitigate this vulnerability.

Codename
Not available
Detectable with
Network Scanner
Scan engine
Nuclei
Exploitable with Sniper
No
CVE Published
Jan 18, 2017
Detection added at
Software Type
Not available
Vendor
Not available
Product
Not available